Subscribe
First Look

Cyberattack on Hollywood hospital exposes vulnerability of digital records

The FBI is investigating a ransomware cyberattack on a hospital in Los Angeles that forced doctors and medical staff to return to old-fashioned records and highlighted the vulnerability of healthcare data to hackers.

  • close
    The Hollywood Presbyterian Medical Center is pictured in Los Angeles, California Tuesday. The FBI is investigating a cyberattack that has crippled the electronic database at Hollywood Presbyterian Medical Center for days, forcing doctors at the Los Angeles hospital to rely on telephones and fax machines to relay patient information.
    Mario Anzuoni/Reuters
    View Caption
  • About video ads
    View Caption
of

A cyberattack on a hospital in Hollywood shows how vulnerable doctors and patients have become as health care data is transferred to the national Electronic Health Records system.

The Federal Bureau of Investigation is still investigating the cause of a cyberattack that crippled the patient data electronic database at the Hollywood Presbyterian Medical Center and forced patients and staff to relay chart information by telephone, fax machine, and old-fashioned doctor shorthand.

"It's right there on paper, but it may not be legible," Rangasamy Ramanathan, a specialist who works with the hospital told Reuters. "The only problem is doctors' writing."

Cyberattacks on health care facilities can have much deeper implications for patients than long wait times, however, even for those who had no contact with the hospital during or immediately after the attack, as the Monitor's Passcode correspondent Jaikumar Vijayan wrote following the massive hack into the Premera Blue Cross computer system exposing data of millions of Americans:

While hackers who break into banks can get away with millions of credit card numbers, increasingly hackers are targeting healthcare networks for repositories of names, Social Security numbers, birth dates, bank account information, claims information, and clinical data....

Not only is this information being traded on the black market for people to commit identity theft, it's also being used to obtain prescription drugs and commit insurance fraud. For the individuals whose identities are used to perpetrate these crimes, their own medical treatments may be impacted, their health insurance disrupted, and their credit scores lowered.

Medical identity theft impacted an estimated 2.3 million in 2014, a 21 percent increase from 2013, and cost victims an average of $13,500, according to the Ponemon Institute, a security and privacy research organization.

In the case Hollywood hospital attack, the hackers used a malware called ransomware, meaning they encrypted the hospital's data and demanded 9,000 bitcoins – about $3 million – to return it, MIT Technology Review reported. The hospital's electronic data system has been turned off for almost a week since, and the hospital president and chief executive officer Allen Stefanek declared an internal emergency because of the information technology problems caused by the hack. 

The transfer of all medical record to the the Electronic Health Records system has created an opportunity that hackers are proving eager to exploit, for despite holding more personal data than either retailers or banks, hospitals and insurance companies have so far been slower to protect it, Mr. Vijayan previously reported for Passcode.

“When you look at any crime, it requires motive and opportunity," Rob Sadowski, director of technology solutions at RSA, the security arm of EMC Corp, told Vijayan.

This report contains information from Reuters.

[Editor’s note: The original version of this story misspelled the name of RSA's Rob Sadowski. In an update, the Hollywood Presbyterian Medical Center paid about $17,000 to the hackers to retrieve its data on Thursday.]

About these ads
Sponsored Content by LockerDome
 
 
Make a Difference
Inspired? Here are some ways to make a difference on this issue.
FREE Newsletters
Get the Monitor stories you care about delivered to your inbox.
 

We want to hear, did we miss an angle we should have covered? Should we come back to this topic? Or just give us a rating for this story. We want to hear from you.

Loading...

Loading...

Loading...

Save for later

Save
Cancel

Saved ( of items)

This item has been saved to read later from any device.
Access saved items through your user name at the top of the page.

View Saved Items

OK

Failed to save

You reached the limit of 20 saved items.
Please visit following link to manage you saved items.

View Saved Items

OK

Failed to save

You have already saved this item.

View Saved Items

OK